NTLM authentication
NT LAN Manager (NTLM) protocol can be used as a fallback for authentication when the Active Directory (AD) domain controller is unreachable. NTLM uses the web browser to send and receive authentication information. See
“NTLM” and
“FSSO NTLM authentication support”.
To enable NTLM
1. Go to Policy & Objects > Policy > IPv4 and note the ID number of your FSSO policy.
The policy must have an FSSO user group as Source User(s). There must be at least one FSSO Collector agent configured on the FortiGate unit.
2. Edit the policy in the CLI to enable NTLM. For example, if the policy ID is 4:
config firewall policy
edit 4
set ntlm enable
end